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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to communication(s) filed on 03 October 0200 . 
2a)D This action is FINAL. 2b)ISl This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) [E Claim(s) 37-52 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 37.38.40.43-45.47 and 48 is/are rejected. 

7) 13 Claim(s) 39. 41. 42. 46. 49. 50 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) I3 The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 03 October 2000 is/are: a)M accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
Priority under 35 U.S.C. §§119 and 120 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)QAII b)D Some*c)D None of: 

Certified copies of the priority documents have been received. 
Certified copies of the priority documents have been received in Application No. 



1D 

2. D 

3. D 



Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

13) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application) 

since a specific reference was included in the first sentence of the specification or in an Application Data Sheet. 
37 CFR 1.78. 

a) □ The translation of the foreign language provisional application has been received. 

14) [3 Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 since a specific 

reference was included in the first sentence of the specification or in an Application Data Sheet. 37 CFR 1.78. 



Attachment(s) 

1) 23 Notice of References Cited (PTO-892) 

2) EH Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) ^ Information Disclosure Statement(s) (PTO-1449) Paper No(s) 3 . 



4) EH Interview Summary (PTO-413) Paper No(s). 

5) □ Notice of Informal Patent Application (PTO-152) 

6) □ Other: 
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DETAILED ACTION 



Specification 



1 . The disclosure is objected to because of the following informalities: Applicant did 
not cite the serial number of the co-pending application on page 1 1 , line 15 of the 
specification. 

Appropriate correction is required. 



1 . The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 37, 45, 51 and 52 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Rawson (5265252) in view of Davis (5844986). In regards to claim 
37, Rawson discloses in column 4, lines 3-5 that application programs are able to 
access I/O devices by making system calls to the operating system. Rawson further 
discloses in column 4, lines 12-16 that operating system specific device drivers issue 
commands to a device driver interface, which in turn directs the requests to appropriate 
class drivers (column 4, lines 28-30) so the I/O devices can be accessed. These 



Claim Rejections - 35 USC § 103 
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disclosures meet the limitations set forth under claims 37, 45, 51 and 52 that call for 
having an access driver generate a request to use Basic Input/Output System services 
(see column 4, lines 12-16). However, Rawson makes no mention of providing security 
for issued commands through the use of signatures and cryptographic key pairs. Davis 
(5844986) teaches in column 1 , lines 46-49, that there is a need for protecting BIOS 
access from things such as intrusive attacks. Davis then goes on to disclose in column 
3, lines 66-67 through column 4, lines 1-4, that public/private key cryptography can be 
used as part of an authentication procedure, specifically using the well-known 
techniques of digital signatures and certificates. It would have been obvious to one of 
ordinary skill in the art at the time the invention was made to substitute Davis's 
teachings on the need for protecting BIOS through the use of public/private key 
cryptography, digital signatures and certificates into Rawson's design in order to 
achieve a design that is capable of validating the integrity of service requests from 
various access drivers. 

3. In regards to claim 38, Rawson discloses in column 4, lines 12-16, that operating 
system specific device drivers issue commands over a device driver interface so that 
the device driver interface may forward then through to a mapping lay so that they can 
eventually be received at an appropriate I/O device. This disclosure meets the 
limitations set forth under claim 38, which calls for allowing the access driver to 
generate requests to establish communications with an interface. However, Rawson 
makes no mention of allowing the requests to contain a signature that was created 
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using a private key in a cryptographic key pair. Davis (5844986) teaches in column 1 , 
lines 46-49, that there is a need for protecting BIOS access from things such as 
intrusive attacks. Davis then goes on to disclose in column 3, lines 66-67 through 
column 4, lines 1-4, that public/private key cryptography can be used as part of an 
authentication procedure, specifically using the well-known techniques of digital 
signatures and certificates. It would have been obvious to one of ordinary skill in the art 
at the time the invention was made to substitute Davis's teachings on the need for 
protecting BIOS through the use of public/private key cryptography, digital signatures 
and certificates in order to achieve a design that is capable of validating the integrity of 
service requests from various access drivers. 

4. In regards to claims 40 and 44, Davis further discloses in column 4, lines 28-37, 
that digital certificates are employed in order to authenticate any changes associated 
with the BIOS. It would have been obvious to one of ordinary skill in the art at the time 
the invention was made to substitute Davis's teachings on the use of providing 
certificates for validating and authenticating and possible BIOS changes into Rawson's 
design in order to achieve a design that is capable of allowing an interface to generate 
and send authority certificates to an access driver which uses the certificate to generate 
future session requests. 

5. In regards to claim 43, Davis further discloses in column 4, lines 31-37, that a 
public key can be used in order to verify a digital signature or a digital certificate. It 
would have been obvious to one of ordinary skill in the art at the time the invention was 
made to substitute Davis's teachings on the using digital signatures for verification and 
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authentication purposes into Rawson's design in order to achieve a design that is 
capable of allowing the authority certificate to contain a certificate signature. 

6. In regards to claim 47, Rawson further discloses in column 5, lines 1 1-23, that a 
command initiator is used to enable the desired BIOS operation (such as a dick read) 
that was desired by the initial request. This meets the limitations set forth under claim 
47, which call for performing the BIOS service specified by the service request. 

7. In regards to claim 48, Rawson discloses in column 4, lines 3-5 that application 
programs are able to access I/O devices by making system calls to the operating 
system. Rawson further discloses in column 4, lines 12-16 that operating system 
specific device drivers issue commands/requests to an interface, which in turn directs 
the requests to appropriate class drivers (column 4, lines 28-30) so the I/O devices can 
be accessed. This meets the limitations set forth under claim 48 that call for creating a 
request to establish a connection with an application interface. However, Rawson 
makes no mention of providing security for issued commands through the use of 
signatures and cryptographic key pairs. Davis (5844986) teaches in column 1 , lines 46- 
49, that there is a need for protecting BIOS access from things such as intrusive 
attacks. Davis then goes on to disclose in column 3, lines 66-67 through column 4, 
lines 1-4, that public/private key cryptography can be used as part of an authentication 
procedure, specifically using the well-known techniques of digital signatures and 
certificates. It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to substitute Davis's teachings on the need for protecting BIOS 
through the use of public/private key cryptography, digital signatures and certificates 
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into Rawson's design in order to achieve a design that is capable of validating the 

integrity of session request. 

8. 



9. Claims 39, 41 , 42, 46, 49, 50 objected to as being dependent upon a rejected 
base claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Joseph McArdle whose telephone number is (703) 305- 
7515. The examiner can normally be reached on Weekdays from 8:00 am - 5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (703) 305-1830. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 746-7239. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703) 305- 
3900. 



Allowable Subject Matter 
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